Bug 1271551

Summary: DBus is not running in separate instance in chroot
Product: Red Hat Enterprise Linux 7 Reporter: David Kupka <dkupka>
Component: anacondaAssignee: Anaconda Maintenance Team <anaconda-maint-list>
Status: CLOSED WONTFIX QA Contact: Release Test Team <release-test-team-automation>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.2CC: bcl, pvoborni, vpodzime
Target Milestone: rcKeywords: Reopened
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-10-16 17:37:51 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1279932    
Attachments:
Description Flags
Reproducing kickstart file. none

Description David Kupka 2015-10-14 09:34:18 UTC 
Description of problem:
DBus daemon is by default listening on unix socket placed in /run/dbus/system_bus_socket. Since /run is mount.bind into chroot environment it is possible to connect to DBus but this connection is handled by DBus daemon running outside chroot enviroment.
The outside running DBus daemon is not aware of configuration in chroot environment and therefore does not permit actions that should be allowed according to configuration in chroot environment.
The preferred solution would be to start separate instance of DBus daemon inside chroot environment

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Install RHEL 7.2 with attached kickstart file

Actual results:
Certmonger fails to connect to D-Bus and is therefore unreachable.

Expected results:
Certmonger connects to D-Bus and can be reached over D-Bus by (not only) getcert utility.


Additional info:
This is general Anaconda issue (not RHEL 7.2 specific). I hit it on Fedora 22 too and believe it's present on other versions as well.
Comment 2 David Kupka 2015-10-14 09:35:37 UTC 
Created attachment 1082761 [details]
Reproducing kickstart file.
Comment 3 Brian Lane 2015-10-15 17:39:14 UTC 
You cannot run things that expect to talk to DBus from %post. The chroot is not a running system until it has been rebooted, and trying to treat it as such is going to end up causing no end of problems.
Comment 4 RHEL Program Management 2015-10-15 17:45:59 UTC 
Development Management has reviewed and declined this request.
You may appeal this decision by reopening this request.
Comment 5 David Kupka 2015-10-16 11:05:46 UTC 
Ok. Then why is DBus available in chroot? Is there a chance /run will be not mount.bind? The problem is DBus is available but behaves other than expected.
Comment 6 Brian Lane 2015-10-16 17:37:51 UTC 
That's just a side-effect of how the chroot needs to be setup for other things.
Comment 7 Vratislav Podzimek 2015-10-19 16:59:52 UTC 
Bind-mounting /run (together with /sys) to /mnt/sysimage (the installed system) was added because of dracut and creation of hostonly initrd.img as documented in the bug #922988. I'm not sure what we could do here. We could probably bind-mount only some things from /run to /mnt/sysimage/run, but it'd be quite hard to identify which ones are needed/useful.